@bytebase/dbhub 0.4.5 → 0.4.7

package/README.md

@@ -338,6 +338,24 @@ The demo mode uses an in-memory SQLite database loaded with the [sample employee
    pnpm start --transport stdio --dsn "postgres://user:password@localhost:5432/dbname?sslmode=disable"
    ```
 
+### Testing
+
+The project uses Vitest for testing:
+
+- Run tests: `pnpm test`
+- Run tests in watch mode: `pnpm test:watch`
+
+#### Pre-commit Hooks (for Developers)
+
+The project includes pre-commit hooks to run tests automatically before each commit:
+
+1. After cloning the repository, set up the pre-commit hooks:
+   ```bash
+   ./scripts/setup-husky.sh
+   ```
+
+2. This ensures the test suite runs automatically whenever you create a commit, preventing commits that would break tests.
+
 ### Debug with [MCP Inspector](https://github.com/modelcontextprotocol/inspector)
 
 #### stdio

package/dist/index.js

@@ -57,6 +57,97 @@ var _ConnectorRegistry = class _ConnectorRegistry {
 _ConnectorRegistry.connectors = /* @__PURE__ */ new Map();
 var ConnectorRegistry = _ConnectorRegistry;
 
+// src/utils/safe-url.ts
+var SafeURL = class {
+  /**
+   * Parse a URL and handle special characters in passwords
+   * This is a safe alternative to the URL constructor
+   * 
+   * @param urlString - The DSN string to parse
+   */
+  constructor(urlString) {
+    this.protocol = "";
+    this.hostname = "";
+    this.port = "";
+    this.pathname = "";
+    this.username = "";
+    this.password = "";
+    this.searchParams = /* @__PURE__ */ new Map();
+    if (!urlString || urlString.trim() === "") {
+      throw new Error("URL string cannot be empty");
+    }
+    try {
+      const protocolSeparator = urlString.indexOf("://");
+      if (protocolSeparator !== -1) {
+        this.protocol = urlString.substring(0, protocolSeparator + 1);
+        urlString = urlString.substring(protocolSeparator + 3);
+      } else {
+        throw new Error('Invalid URL format: missing protocol (e.g., "mysql://")');
+      }
+      const questionMarkIndex = urlString.indexOf("?");
+      let queryParams = "";
+      if (questionMarkIndex !== -1) {
+        queryParams = urlString.substring(questionMarkIndex + 1);
+        urlString = urlString.substring(0, questionMarkIndex);
+        queryParams.split("&").forEach((pair) => {
+          const parts = pair.split("=");
+          if (parts.length === 2 && parts[0] && parts[1]) {
+            this.searchParams.set(parts[0], decodeURIComponent(parts[1]));
+          }
+        });
+      }
+      const atIndex = urlString.indexOf("@");
+      if (atIndex !== -1) {
+        const auth = urlString.substring(0, atIndex);
+        urlString = urlString.substring(atIndex + 1);
+        const colonIndex2 = auth.indexOf(":");
+        if (colonIndex2 !== -1) {
+          this.username = auth.substring(0, colonIndex2);
+          this.password = auth.substring(colonIndex2 + 1);
+          this.username = decodeURIComponent(this.username);
+          this.password = decodeURIComponent(this.password);
+        } else {
+          this.username = auth;
+        }
+      }
+      const pathSeparatorIndex = urlString.indexOf("/");
+      if (pathSeparatorIndex !== -1) {
+        this.pathname = urlString.substring(pathSeparatorIndex);
+        urlString = urlString.substring(0, pathSeparatorIndex);
+      }
+      const colonIndex = urlString.indexOf(":");
+      if (colonIndex !== -1) {
+        this.hostname = urlString.substring(0, colonIndex);
+        this.port = urlString.substring(colonIndex + 1);
+      } else {
+        this.hostname = urlString;
+      }
+      if (this.protocol === "") {
+        throw new Error("Invalid URL: protocol is required");
+      }
+    } catch (error) {
+      throw new Error(`Failed to parse URL: ${error instanceof Error ? error.message : String(error)}`);
+    }
+  }
+  /**
+   * Helper method to safely get a parameter from query string
+   * 
+   * @param name - The parameter name to retrieve
+   * @returns The parameter value or null if not found
+   */
+  getSearchParam(name) {
+    return this.searchParams.has(name) ? this.searchParams.get(name) : null;
+  }
+  /**
+   * Helper method to iterate over all parameters
+   * 
+   * @param callback - Function to call for each parameter
+   */
+  forEachSearchParam(callback) {
+    this.searchParams.forEach((value, key) => callback(value, key));
+  }
+};
+
 // src/connectors/postgres/index.ts
 var { Pool } = pg;
 var PostgresDSNParser = class {
@@ -65,16 +156,16 @@ var PostgresDSNParser = class {
       throw new Error(`Invalid PostgreSQL DSN: ${dsn}`);
     }
     try {
-      const url = new URL(dsn);
+      const url = new SafeURL(dsn);
       const config = {
         host: url.hostname,
         port: url.port ? parseInt(url.port) : 5432,
-        database: url.pathname.substring(1),
-        // Remove leading '/'
+        database: url.pathname ? url.pathname.substring(1) : "",
+        // Remove leading '/' if exists
         user: url.username,
-        password: url.password ? decodeURIComponent(url.password) : ""
+        password: url.password
       };
-      url.searchParams.forEach((value, key) => {
+      url.forEachSearchParam((value, key) => {
         if (key === "sslmode") {
           if (value === "disable") {
             config.ssl = false;
@@ -97,8 +188,7 @@ var PostgresDSNParser = class {
   }
   isValidDSN(dsn) {
     try {
-      const url = new URL(dsn);
-      return url.protocol === "postgres:" || url.protocol === "postgresql:";
+      return dsn.startsWith("postgres://") || dsn.startsWith("postgresql://");
     } catch (error) {
       return false;
     }
@@ -386,72 +476,73 @@ var SQLServerDSNParser = class {
         "Invalid SQL Server DSN format. Expected: sqlserver://username:password@host:port/database"
       );
     }
-    const url = new URL(dsn);
-    const host = url.hostname;
-    const port = url.port ? parseInt(url.port, 10) : 1433;
-    const database = url.pathname.substring(1);
-    const user = url.username;
-    const password = url.password ? decodeURIComponent(url.password) : "";
-    const options = {};
-    for (const [key, value] of url.searchParams.entries()) {
-      if (key === "connectTimeout") {
-        options.connectTimeout = parseInt(value, 10);
-      } else if (key === "requestTimeout") {
-        options.requestTimeout = parseInt(value, 10);
-      } else if (key === "authentication") {
-        options.authentication = value;
-      } else if (key === "sslmode") {
-        options.sslmode = value;
-      }
-    }
-    if (options.sslmode) {
-      if (options.sslmode === "disable") {
-        options.encrypt = false;
-      } else if (options.sslmode === "require") {
-        options.encrypt = true;
-        options.trustServerCertificate = true;
-      }
-    }
-    const config = {
-      user,
-      password,
-      server: host,
-      port,
-      database,
-      options: {
-        encrypt: options.encrypt ?? true,
-        // Default to encrypted connection
-        trustServerCertificate: options.trustServerCertificate === true,
-        // Need explicit conversion to boolean
-        connectTimeout: options.connectTimeout ?? 15e3,
-        requestTimeout: options.requestTimeout ?? 15e3
+    try {
+      const url = new SafeURL(dsn);
+      const options = {};
+      url.forEachSearchParam((value, key) => {
+        if (key === "connectTimeout") {
+          options.connectTimeout = parseInt(value, 10);
+        } else if (key === "requestTimeout") {
+          options.requestTimeout = parseInt(value, 10);
+        } else if (key === "authentication") {
+          options.authentication = value;
+        } else if (key === "sslmode") {
+          options.sslmode = value;
+        }
+      });
+      if (options.sslmode) {
+        if (options.sslmode === "disable") {
+          options.encrypt = false;
+        } else if (options.sslmode === "require") {
+          options.encrypt = true;
+          options.trustServerCertificate = true;
+        }
       }
-    };
-    if (options.authentication === "azure-active-directory-access-token") {
-      try {
-        const credential = new DefaultAzureCredential();
-        const token = await credential.getToken("https://database.windows.net/");
-        config.authentication = {
-          type: "azure-active-directory-access-token",
-          options: {
-            token: token.token
-          }
-        };
-      } catch (error) {
-        const errorMessage = error instanceof Error ? error.message : String(error);
-        throw new Error(`Failed to get Azure AD token: ${errorMessage}`);
+      const config = {
+        user: url.username,
+        password: url.password,
+        server: url.hostname,
+        port: url.port ? parseInt(url.port) : 1433,
+        // Default SQL Server port
+        database: url.pathname ? url.pathname.substring(1) : "",
+        // Remove leading slash
+        options: {
+          encrypt: options.encrypt ?? true,
+          // Default to encrypted connection
+          trustServerCertificate: options.trustServerCertificate === true,
+          connectTimeout: options.connectTimeout ?? 15e3,
+          requestTimeout: options.requestTimeout ?? 15e3
+        }
+      };
+      if (options.authentication === "azure-active-directory-access-token") {
+        try {
+          const credential = new DefaultAzureCredential();
+          const token = await credential.getToken("https://database.windows.net/");
+          config.authentication = {
+            type: "azure-active-directory-access-token",
+            options: {
+              token: token.token
+            }
+          };
+        } catch (error) {
+          const errorMessage = error instanceof Error ? error.message : String(error);
+          throw new Error(`Failed to get Azure AD token: ${errorMessage}`);
+        }
       }
+      return config;
+    } catch (error) {
+      throw new Error(
+        `Failed to parse SQL Server DSN: ${error instanceof Error ? error.message : String(error)}`
+      );
     }
-    return config;
   }
   getSampleDSN() {
     return "sqlserver://username:password@localhost:1433/database?sslmode=require";
   }
   isValidDSN(dsn) {
     try {
-      const url = new URL(dsn);
-      return url.protocol === "sqlserver:";
-    } catch (e) {
+      return dsn.startsWith("sqlserver://");
+    } catch (error) {
       return false;
     }
   }
@@ -729,7 +820,7 @@ var SQLiteDSNParser = class {
       throw new Error(`Invalid SQLite DSN: ${dsn}`);
     }
     try {
-      const url = new URL(dsn);
+      const url = new SafeURL(dsn);
       let dbPath;
       if (url.hostname === "" && url.pathname === ":memory:") {
         dbPath = ":memory:";
@@ -752,8 +843,7 @@ var SQLiteDSNParser = class {
   }
   isValidDSN(dsn) {
     try {
-      const url = new URL(dsn);
-      return url.protocol === "sqlite:";
+      return dsn.startsWith("sqlite://");
     } catch (error) {
       return false;
     }
@@ -932,16 +1022,16 @@ var MySQLDSNParser = class {
       throw new Error(`Invalid MySQL DSN: ${dsn}`);
     }
     try {
-      const url = new URL(dsn);
+      const url = new SafeURL(dsn);
       const config = {
         host: url.hostname,
         port: url.port ? parseInt(url.port) : 3306,
-        database: url.pathname.substring(1),
-        // Remove leading '/'
+        database: url.pathname ? url.pathname.substring(1) : "",
+        // Remove leading '/' if exists
         user: url.username,
-        password: url.password ? decodeURIComponent(url.password) : ""
+        password: url.password
       };
-      url.searchParams.forEach((value, key) => {
+      url.forEachSearchParam((value, key) => {
         if (key === "sslmode") {
           if (value === "disable") {
             config.ssl = void 0;
@@ -964,8 +1054,7 @@ var MySQLDSNParser = class {
   }
   isValidDSN(dsn) {
     try {
-      const url = new URL(dsn);
-      return url.protocol === "mysql:";
+      return dsn.startsWith("mysql://");
     } catch (error) {
       return false;
     }
@@ -1289,15 +1378,16 @@ var MariadbDSNParser = class {
       throw new Error(`Invalid MariaDB DSN: ${dsn}`);
     }
     try {
-      const url = new URL(dsn);
+      const url = new SafeURL(dsn);
       const config = {
         host: url.hostname,
         port: url.port ? parseInt(url.port) : 3306,
-        database: url.pathname.substring(1),
+        database: url.pathname ? url.pathname.substring(1) : "",
+        // Remove leading '/' if exists
         user: url.username,
-        password: decodeURIComponent(url.password)
+        password: url.password
       };
-      url.searchParams.forEach((value, key) => {
+      url.forEachSearchParam((value, key) => {
         if (key === "sslmode") {
           if (value === "disable") {
             config.ssl = void 0;
@@ -1320,8 +1410,7 @@ var MariadbDSNParser = class {
   }
   isValidDSN(dsn) {
     try {
-      const url = new URL(dsn);
-      return url.protocol === "mariadb:";
+      return dsn.startsWith("mariadb://");
     } catch (error) {
       return false;
     }
@@ -1656,25 +1745,22 @@ var _OracleConnector = class _OracleConnector {
           throw new Error(`Invalid Oracle DSN: ${dsn}`);
         }
         try {
-          const url = new URL(dsn);
-          const username = url.username;
-          const password = url.password;
-          const host = url.hostname;
-          const port = url.port ? parseInt(url.port, 10) : 1521;
+          const url = new SafeURL(dsn);
           let serviceName = url.pathname;
           if (serviceName.startsWith("/")) {
             serviceName = serviceName.substring(1);
           }
-          const connectString = `${host}:${port}/${serviceName}`;
+          const port = url.port ? parseInt(url.port) : 1521;
+          const connectString = `${url.hostname}:${port}/${serviceName}`;
           const config = {
-            user: username,
-            password,
+            user: url.username,
+            password: url.password,
             connectString,
             poolMin: 0,
             poolMax: 10,
             poolIncrement: 1
           };
-          url.searchParams.forEach((value, key) => {
+          url.forEachSearchParam((value, key) => {
             switch (key.toLowerCase()) {
               case "poolmin":
                 config.poolMin = parseInt(value, 10);
@@ -1706,8 +1792,7 @@ var _OracleConnector = class _OracleConnector {
       },
       isValidDSN: (dsn) => {
         try {
-          const url = new URL(dsn);
-          return url.protocol === "oracle:";
+          return dsn.startsWith("oracle://");
         } catch (error) {
           return false;
         }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bytebase/dbhub",
-  "version": "0.4.5",
+  "version": "0.4.7",
   "description": "Universal Database MCP Server",
   "main": "dist/index.js",
   "type": "module",
@@ -29,18 +29,21 @@
     "zod": "^3.24.2"
   },
   "devDependencies": {
-    "@types/oracledb": "^6.6.0",
     "@types/better-sqlite3": "^7.6.12",
     "@types/express": "^4.17.21",
     "@types/mssql": "^9.1.7",
     "@types/node": "^22.13.10",
+    "@types/oracledb": "^6.6.0",
     "@types/pg": "^8.11.11",
     "cross-env": "^7.0.3",
+    "husky": "^9.0.11",
+    "lint-staged": "^15.2.2",
     "prettier": "^3.5.3",
     "ts-node": "^10.9.2",
     "tsup": "^8.4.0",
     "tsx": "^4.19.3",
-    "typescript": "^5.8.2"
+    "typescript": "^5.8.2",
+    "vitest": "^1.6.1"
   },
   "compilerOptions": {
     "target": "ES2020",
@@ -54,10 +57,16 @@
   "include": [
     "src/**/*"
   ],
+  "lint-staged": {
+    "*.{js,ts}": "vitest related --run"
+  },
   "scripts": {
     "build": "tsup",
     "start": "node dist/index.js",
     "dev": "NODE_ENV=development tsx src/index.ts",
-    "crossdev": "cross-env NODE_ENV=development tsx src/index.ts"
+    "crossdev": "cross-env NODE_ENV=development tsx src/index.ts",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "pre-commit": "lint-staged"
   }
 }